Federal Reports

What We Looked AtWe performed a quality control review (QCR) on the single audit that Eide Bailly LLP performed for the City of Santa Clarita’s fiscal year that ended June 30, 2021. During this period, the City expended approximately $25.4 million from U.S. Department of Transportation (DOT) programs. Eide Bailly determined that DOT’s major program was the Federal Transit Administration’s (FTA) Federal Transit Cluster. Our QCR objectives were to determine whether (1) the audit work complied with the Single Audit Act of 1984, as amended, and the Office of Management and Budget’s Uniform Guidance, and the extent to which we could rely on the auditor’s work on DOT’s major programs and (2) the City of Santa Clarita’s reporting package complied with the reporting requirements of the Uniform Guidance. What We FoundEide Bailly complied with the requirements of the Single Audit Act, the Uniform Guidance, and DOT’s major programs. We found nothing to indicate that Eide Bailly’s opinion on DOT’s major program was inappropriate or unreliable. However, we identified deficiencies that require correction in future audits. Accordingly, we assigned Eide Bailly an overall rating of pass with deficiencies.

This report presents the results of our survey on LEA experiences with using ESSER funds to purchase educational technology to continue student instruction during the coronavirus. The survey identified (1) types of educational technology that LEAs purchased with their ESSER funds, (2) challenges that LEAs experienced when using ESSER funds for educational technology, and (3) impact the educational technology had on student learning. The survey found that LEAs nationwide generally reported using ESSER funds to purchase educational technology to continue student instruction due to the coronavirus. They purchased instructional software that offered teachers flexibility when creating remote learning environments and technology-related training that was both a challenge and an unexpected opportunity to improve teacher and student use of technology. LEAs reported their experiences with educational technology purchased using ESSER funds to resolve or mitigate challenges they faced while continuing student instruction during the coronavirus. LEAs nationwide generally reported experiencing lost instructional time and using ESSER-funded technology to address the academic impact that their student populations experienced during the coronavirus.

This Office of Inspector General Comprehensive Healthcare Inspection Program report describes the results of a focused evaluation of the inpatient and outpatient care provided at the New Mexico VA Health Care System, which includes the Raymond G. Murphy VA Medical Center (Albuquerque) and multiple outpatient clinics in Colorado and New Mexico. This evaluation focused on five key operational areas:• Leadership and organizational risks• Quality, safety, and value• Medical staff privileging• Environment of care• Mental health (emergency department and urgent care center suicide prevention initiatives)The OIG issued seven recommendations for improvement in three areas:1. Quality, safety, and value• Recommend, implement, and monitor improvement actions• Peer review processes• Patient safety events2. Medical staff privileging• Focused and Ongoing Professional Practice Evaluation processes3. Environment of care• Maintain, inspect, and test biomedical equipment• Environmental cleanliness

The VA Office of Inspector General (OIG) conducts information security inspections to assess whether VA facilities are meeting federal security requirements. They are typically conducted at selected facilities that have not been assessed in the sample for the annual audit required by the Federal Information Security Modernization Act of 2014 (FISMA) or at facilities that previously performed poorly. The OIG selected the James E. Van Zandt VA Medical Center in Altoona, Pennsylvania, because it had not been previously visited as part of the OIG’s annual FISMA audit.These inspections focus on four security control areas: configuration management, contingency planning, security management, and access controls. During this inspection, the OIG found deficiencies with configuration management, security management, and access controls.Deficiencies in configuration management included inaccurate component inventories and ineffective vulnerability management, increasing opportunities for exploitation. The security management weakness involved the facility’s special-purpose system, which did not have an authorization to operate, leaving it vulnerable to compromise. Weak access controls, such as inadequately restricting access to computer rooms, communication closets, and generators, increased the risk of damage or destruction. The team also found missing environmental controls in the communication closets, which could lead to damage to organizational assets and result in financial loss or harm to veterans.The OIG made four recommendations, including one addressed to the medical center director and three addressed to the assistant secretary for information and technology and chief information officer, who did not concur with one: to verify and make necessary corrections to the systems’ component inventory. The OIG stands by its recommendation, as the review identified about 2,500 devices on the facility’s network as compared to only about 1,450 devices identified by the component inventory, and OIT’s response did not include additional evidence that would prompt the OIG to reconsider its conclusion.

The Pandemic Response Accountability Committee’s (PRAC) Semiannual Report to Congress, covering the period from October 1, 2022 through March 31, 2023.